<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>eval</title>
</head>
<body>
<h1>WELCOME TO EVAL</h1>
{% for i in data %}
    <h1>{{ i.name }}</h1>
    <h1>{{ i.ecpect }}</h1>
    <h1>{{ i.begin }}</h1>
    <h1>{{ i.end }}</h1>
    <h1>{{ i.score }}</h1>
    <h1>{{ i.tag }}</h1>
    <h1>{{ i.position }}</h1>
{% endfor %}

<p></p>
<p></p>
<p></p>
{% if user.is_authenticated %}
  <p>Welcome, {{ user.username }}. Thanks for logging in.</p>
{% else %}
  <p>Welcome, new user. Please log in.</p>
{% endif %}
<p></p>
{{ form }}
</body>
</html>

<script>
function getCookie(name) {
    var cookieValue = null;
    if (document.cookie && document.cookie != '') {
        var cookies = document.cookie.split(';');
        for (var i = 0; i < cookies.length; i++) {
            var cookie = jQuery.trim(cookies[i]);
            // Does this cookie string begin with the name we want?
            if (cookie.substring(0, name.length + 1) == (name + '=')) {
                cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                break;
            }
        }
    }
    return cookieValue;
}
function csrfSafeMethod(method) {
    // these HTTP methods do not require CSRF protection
    return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}

<!--ajax方法 ：-->

$.ajax({
    url: "ticket/operation/?action=get_vmlist",
    data: { 'env': env, 'subenv': subenv },
    type: "post",
    dataType: 'json',
    beforeSend: function (xhr, settings) {
        //此处调用刚刚加入的js方法
        var csrftoken = getCookie('csrftoken');
        if (!csrfSafeMethod(settings.type) && !this.crossDomain) {
            xhr.setRequestHeader("X-CSRFToken", csrftoken);
        }
    },
    success: function (data) {

    },
    complete: function () {

    },
    error: function (er) {

    }
});

</script>